Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistHackeroneCVELIST:CVE-2018-3760
HistoryJun 19, 2018 - 12:00 a.m.

CVE-2018-3760

2018-06-1900:00:00
CWE-22
hackerone
www.cve.org

7.3 High

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.7%

JSON

There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the filesystem that is outside an application’s root directory, when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the work arounds immediately.

CNA Affected

[
  {
    "product": "Sprockets",
    "vendor": "HackerOne",
    "versions": [
      {
        "status": "affected",
        "version": "4.0.0.beta8, 3.7.2, 2.12.5"
      }
    ]
  }
]

Related

hackerone 1
nuclei 1
nvd 1
openvas 8
debian 3
fedora 2
veracode 2
nessus 8
osv 3
suse 2
ubuntucve 1
cve 1
redhatcve 1
seebug 1
redhat 4
prion 1
github 1
debiancve 1
hackerone
hackerone
Ruby on Rails: Path Traversal on Default Installed Rails Application (Asset Pipeline)
2018-01-22 10:42:20
nuclei
nuclei
Ruby On Rails - Local File Inclusion
2020-04-05 18:01:09
nvd
nvd
CVE-2018-3760
2018-06-26 19:29:00
openvas
openvas
Fedora Update for rubygem-sprockets FEDORA-2018-fd29597fa4
2018-07-15 00:00:00
Fedora Update for rubygem-sprockets FEDORA-2018-2735a12b72
2018-07-15 00:00:00
Debian: Security Advisory (DSA-4242-1)
2018-07-08 00:00:00
debian
debian
[SECURITY] [DSA 4242-1] ruby-sprockets security update
2018-07-09 21:06:50
[SECURITY] [DSA 4242-1] ruby-sprockets security update
2018-07-09 21:06:50
[SECURITY] [DLA-1419-1] ruby-sprockets security update
2018-07-12 09:30:56
fedora
fedora
[SECURITY] Fedora 27 Update: rubygem-sprockets-3.7.2-1.fc27
2018-07-14 23:36:29
[SECURITY] Fedora 28 Update: rubygem-sprockets-3.7.2-1.fc28
2018-07-15 03:33:48
veracode
veracode
Directory Traversal
2018-06-20 08:36:16
Directory Traversal
2019-01-15 09:24:20
nessus
nessus
openSUSE Security Update : rubygem-sprockets (openSUSE-2018-773)
2018-07-30 00:00:00
openSUSE Security Update : rubygem-sprockets (openSUSE-2019-542)
2019-03-27 00:00:00
Fedora 27 : rubygem-sprockets (2018-fd29597fa4)
2018-07-24 00:00:00
osv
osv
Sprockets path traversal leads to information leak
2018-06-20 22:18:58
ruby-sprockets - security update
2018-07-09 00:00:00
ruby-sprockets - security update
2018-07-12 00:00:00
suse
suse
Security update for rubygem-sprockets (important)
2018-06-29 21:15:11
Security update for rubygem-sprockets (moderate)
2018-07-28 16:02:02
ubuntucve
ubuntucve
CVE-2018-3760
2018-06-26 00:00:00
cve
cve
CVE-2018-3760
2018-06-26 19:29:00
redhatcve
redhatcve
CVE-2018-3760
2019-10-09 16:26:49
seebug
seebug
Ruby on Rails θ·―εΎ„η©ΏθΆŠδΈŽδ»»ζ„ζ–‡δ»Άθ―»ε–ζΌζ΄ž(CVE-2018-3760)εˆ†ζž
2018-08-08 00:00:00
redhat
redhat
(RHSA-2018:2244) Important: rh-ror42-rubygem-sprockets security update
2018-07-24 07:16:08
(RHSA-2018:2245) Important: rh-ror50-rubygem-sprockets security update
2018-07-24 07:16:12
(RHSA-2018:2745) Important: CloudForms 4.5.5 security, bug fix and enhancement update
2018-09-26 18:25:56
prion
prion
Information disclosure
2018-06-26 19:29:00
github
github
Sprockets path traversal leads to information leak
2018-06-20 22:18:58
debiancve
debiancve
CVE-2018-3760
2018-06-26 19:29:00

7.3 High

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.7%

JSON
Related for CVELIST:CVE-2018-3760
hackerone1nuclei1nvd1openvas8debian3fedora2veracode2nessus8osv3suse2ubuntucve1cve1redhatcve1seebug1redhat4prion1github1debiancve1